 <?php 
	include 'getUserLists.php';
	
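	// Delete one abstract (and its uploaded file row) when the request names an
	// abstract and the session user is an admin or the abstract's author.
	// Relies on $con (mysqli link) and $admins, which this script does not define
	// itself -- presumably they come from getUserLists.php; verify there.
	//
	// NOTE(review): the confirm() dialog emitted below cannot gate the deletion.
	// PHP runs on the server before the browser ever sees the <script>, so the
	// rows are already gone when the dialog appears. A real confirmation needs a
	// second request (e.g. a POST form) -- that change spans other pages.
	// NOTE(review): this is a state-changing GET with no anti-CSRF token. Moving
	// it to POST with a per-session token needs changes to the linking pages.
	$requestedID = isset($_GET["abstract"]) ? $_GET["abstract"] : null;
	$method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : '';

	// is_string() rejects array-valued parameters (abstract[]=...) before they reach SQL.
	if ($method == "GET" && is_string($requestedID) && !empty($requestedID)) {
		// Look up the author and file ID of the abstract to be deleted.
		// The ID is bound as a parameter instead of being concatenated into the SQL text.
		$found = false;
		$abstractAuthor = null;
		$fileID = null;
		$lookup = mysqli_prepare($con, "SELECT username, uploadedAbstractID FROM abstract WHERE abstractID = ?");
		if ($lookup) {
			mysqli_stmt_bind_param($lookup, 's', $requestedID);
			mysqli_stmt_execute($lookup);
			mysqli_stmt_bind_result($lookup, $abstractAuthor, $fileID);
			$found = (mysqli_stmt_fetch($lookup) === true);
			mysqli_stmt_close($lookup);
		}
		else {
			error_log('Abstract lookup statement could not be prepared.');
		}

		// Authorization: require a logged-in user, and compare identities as
		// strings with strict equality so PHP's loose-comparison rules (null == null,
		// numeric-looking strings) can never make two different values match.
		$currentUser = isset($_SESSION['user']) ? (string) $_SESSION['user'] : '';
		$isAdmin = $currentUser !== '' && in_array($currentUser, array_map('strval', (array) $admins), true);
		$isAuthor = $currentUser !== '' && $found && $currentUser === (string) $abstractAuthor;

		if ($isAdmin || $isAuthor) {
			if ($found) {
				// Same order as before: the abstract row first, then its file row.
				$deletions = array(
					array("DELETE FROM abstract WHERE abstractID = ?", $requestedID),
				);
				// Skip the files table when the abstract has no file reference.
				if ($fileID !== null) {
					$deletions[] = array("DELETE FROM files WHERE file_id = ?", (string) $fileID);
				}
				foreach ($deletions as $deletion) {
					list($sql, $value) = $deletion;
					$stmt = mysqli_prepare($con, $sql);
					if ($stmt) {
						mysqli_stmt_bind_param($stmt, 's', $value);
						mysqli_stmt_execute($stmt);
						mysqli_stmt_close($stmt);
					}
					else {
						error_log('Abstract delete statement could not be prepared.');
					}
				}
			}
			?>
				<script>
					if (confirm('Are you sure you want to delete this abstract? This action can not be undone.')) {
					}
				</script>
			<?php
		}
		else {
		?>
			<script>
				alert("This action is restricted.");
			</script>
		<?php
		}
	}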
 ?>
 
 <meta http-equiv="refresh" content="0;URL=home.php">